Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
File: 304afa07-08cf-4abd-b55e-949deeea1591.roa (raw, json)
Hash identifier: Wwon/oMnfKUfUMZqnIpYwz8l2PUZuejQ3ypKUg8ZppA=
Subject key identifier: EB:EF:20:7F:AC:00:94:E7:CD:32:E9:E6:99:30:17:58:A9:C7:B8:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 192F1F7E207B3604F62EC5B8B41109D5E707D6F0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
Signing time: Tue 24 Feb 2026 00:40:13 +0000
ROA not before: Tue 24 Feb 2026 00:40:13 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:2f:1f:7e:20:7b:36:04:f6:2e:c5:b8:b4:11:09:d5:e7:07:d6:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 00:40:13 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=92c41a5692dcd6847e943a6be5c51f19109d3d57f8562ef46916292176cbb52f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:84:0b:eb:7c:f7:97:2c:68:58:ad:9c:cb:90:
b6:3e:05:92:ca:ef:7f:b9:7a:6b:e6:69:03:4d:13:
54:29:ff:ce:d6:27:f0:47:aa:c8:b3:f1:f7:dd:c1:
97:54:4e:aa:f7:4a:8d:f8:42:99:42:6e:97:01:9d:
57:a9:a5:ae:bb:de:cf:a4:8e:66:86:6f:66:44:dc:
ef:0e:f4:4c:01:cb:47:57:12:6a:32:4c:17:94:5f:
2d:02:84:b0:fc:7e:2e:df:cc:7d:21:ff:a9:55:c5:
d8:d7:e4:11:9d:18:fa:9e:9d:8b:b0:d9:07:35:1f:
97:e5:d1:50:a3:a5:0a:eb:39:77:37:71:e7:93:fe:
42:11:09:b8:38:a8:f7:90:e7:b3:09:e4:46:fe:a1:
7e:55:e6:dc:3d:31:8a:fc:a3:3d:dc:27:69:32:05:
e8:63:55:15:19:54:e4:ad:81:9f:5f:5e:f9:ad:6b:
a1:6e:83:41:67:32:e6:29:1f:6c:8c:9c:54:e4:fb:
3b:ce:b9:4a:9c:d4:03:a5:1c:2b:ea:71:6a:4a:c4:
25:b5:70:8f:e1:72:1c:7f:9e:d5:42:a9:16:26:64:
54:32:0f:36:77:08:5b:86:9b:88:fc:f5:1a:85:0b:
da:1b:27:5f:7e:b4:34:ab:0d:e4:71:12:29:f2:c0:
d1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:EF:20:7F:AC:00:94:E7:CD:32:E9:E6:99:30:17:58:A9:C7:B8:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/40
Signature Algorithm: sha256WithRSAEncryption
34:c7:f3:77:0f:9f:c5:b5:12:17:96:88:da:9b:68:1c:21:e5:
50:80:ed:5a:20:f2:68:98:72:f7:f7:ba:be:e3:90:1a:2d:51:
98:b1:40:ea:82:6b:d7:99:2f:a6:cb:b7:d5:e5:aa:5e:d1:3d:
95:fc:46:d0:9a:8a:dd:2b:de:af:16:2d:0d:63:09:d5:40:ff:
0d:aa:33:15:8b:a7:5a:18:a4:7e:fb:58:bf:dd:62:ab:25:e7:
8c:36:8c:2b:ab:8a:32:fe:d8:eb:03:f3:bd:b6:6e:32:ac:e9:
3c:49:e7:ea:a3:b9:8b:9c:39:8b:37:6b:0f:87:51:92:0f:63:
54:e0:89:32:81:3a:cb:9f:1b:3c:f6:00:b7:bb:0f:44:c7:0a:
b8:18:76:57:9c:9d:f0:21:9e:e9:92:de:ea:2e:8a:39:8d:e4:
0f:52:dd:a6:16:80:ad:62:41:26:dd:ac:e3:c0:e6:3f:af:73:
b6:ee:42:58:3b:3d:27:c3:1a:ed:0a:9f:79:ad:5e:cb:92:10:
31:bb:41:78:a0:21:a4:39:d0:89:15:3f:4c:2a:00:5c:b7:2a:
fc:99:0f:fd:f0:2d:46:40:e5:29:72:d0:36:b0:a7:3d:9c:50:
9e:21:eb:c4:8a:2f:fd:47:97:dc:8b:55:58:54:7f:1c:46:d1:
0f:d7:ea:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGS8ffiB7NgT2LsW4tBEJ1ecH1vAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwMDQwMTNaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyYzQxYTU2OTJkY2Q2ODQ3ZTk0M2E2YmU1YzUxZjE5MTA5ZDNkNTdmODU2
MmVmNDY5MTYyOTIxNzZjYmI1MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmEC+t895csaFitnMuQtj4Fksrvf7l6a+ZpA00TVCn/ztYn8EeqyLPx993B
l1ROqvdKjfhCmUJulwGdV6mlrrvez6SOZoZvZkTc7w70TAHLR1cSajJMF5RfLQKE
sPx+Lt/MfSH/qVXF2NfkEZ0Y+p6di7DZBzUfl+XRUKOlCus5dzdx55P+QhEJuDio
95DnswnkRv6hflXm3D0xivyjPdwnaTIF6GNVFRlU5K2Bn19e+a1roW6DQWcy5ikf
bIycVOT7O865SpzUA6UcK+pxakrEJbVwj+FyHH+e1UKpFiZkVDIPNncIW4abiPz1
GoUL2hsnX360NKsN5HESKfLA0QMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTr7yB/
rACU580y6eaZMBdYqce4PDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzA0YWZhMDctMDhjZi00YWJkLWI1NWUtOTQ5ZGVlZWExNTkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA0x/N3D5/FtRIXlojam2gcIeVQgO1aIPJomHL3
97q+45AaLVGYsUDqgmvXmS+my7fV5ape0T2V/EbQmordK96vFi0NYwnVQP8NqjMV
i6daGKR++1i/3WKrJeeMNowrq4oy/tjrA/O9tm4yrOk8Sefqo7mLnDmLN2sPh1GS
D2NU4IkygTrLnxs89gC3uw9Exwq4GHZXnJ3wIZ7pkt7qLoo5jeQPUt2mFoCtYkEm
3azjwOY/r3O27kJYOz0nwxrtCp95rV7LkhAxu0F4oCGkOdCJFT9MKgBctyr8mQ/9
8C1GQOUpctA2sKc9nFCeIevEii/9R5fci1VYVH8cRtEP1+pW
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:25:39 2026 by rpki-client